Comments

landwomble t1_jc1q283 wrote

Every time I read one of these stories I want to know WHY THE FUCK these orgs aren't applying mobile device management policies to gov devices to control what is installed on them. It's easy, they have the tooling already, just TURN IT ON.

64

MammothJust4541 t1_jc1towy wrote

There is no difference between a government device and a personal device for politicians you fools.

0

nicuramar t1_jc1wul5 wrote

I doubt the charm offensive is specifically for allowing it on government devices, though.

1

cartsucks t1_jc209x2 wrote

Do government devices have absolutely zero MDM solutions or other safeguards that these laws have to be passed?

Corporate owned/government owned devices should have specific policies that only allow certain items on said devices. It’s amazing that they require these laws as this SHOULD be a common requirement from the get go.

7

mymar101 t1_jc21s7m wrote

Why do people treat work devices like personal ones?

20

SuperToxin t1_jc230fw wrote

Most likely as simple as “we don’t want to pay for that and pay to have someone set it up and pay for someone to have to deal with those devices” so instead they just give people a phone.

2

mega153 t1_jc249nw wrote

I think this might be just a reclassification situation. Instead of TikTok being blocked implicitly by not being on the whitelist, it's being explicitly blocked on a blacklist. Afaik, we haven't actually got a report of these devices removing TikTok as opposed to just banning the app. Functionally, nothing changed while headlines are made for clicks.

15

IllAmphibian8852 t1_jc2530c wrote

That's a bitchass move if you want to do it, do it properly like India

2

Additional_Ad_2778 t1_jc25zvw wrote

Because this is how many people in government think.

“I think that’s a personal choice,” Michelle Donelan, the minister at the helm of the U.K.’s new Department for Science, Innovation and Technology, told POLITICO in an interview. “As a Conservative, I strongly believe in personal choice.”

It's shocking to be reminded how thick some of our representatives really are.

2

landwomble t1_jc274xy wrote

UK Gov has M365. They have this already via Intune. Who on earth, outside of government, would think allowing users to install ANYTHING they like on a work device was a good idea, let alone users that are privy to very sensitive information. It's madness.

10

jens-2420 t1_jc27brc wrote

In China TikTok is banned as well. They have a special Chinese version, Douyin.

2

landwomble t1_jc27qdz wrote

<shrugs> Pretty much every company does exactly that. It's neither hard nor expensive (and is probably a significant saver of money from not having to clear up after security incidents). UK Gov uses M365, they have access to Intune. Turn it on.

Personally I'd ban WhatsApp/Signal/Telegram from them as well to enforce integrity in communications via Teams (which they are also using and licensed for) to avoid the "oops I lost my phone, sorry" responses to FOIA requests.

2

FleetAdmiralFader t1_jc2ae2r wrote

For some it's probably a whitelist/blacklist situation and the ban is for the employees with elevated privileges, not the typical employee. As a developer, I'm allowed a wide range of permissions including some Admin rights. However, my devices are still managed by the company and they turn on restrictions at any point.

This could be a situation where they are explicitly locking down the users that previously had extra permissions....but it's the government so maybe not.

1

landwomble t1_jc2ez3t wrote

BYOD is fine (although I'm fairly sure the civil service DOES supply work phones to most line of business staff who require one). However you should be enforcing Android Work Profile or the iOS equivalent when accessing corporate resources as part of a Conditional Access Policy. E.g. as soon as you sign into work email etc it enforces MDM before you get access. This will do stuff like insist on a secure PIN/password screen lock, control over application install under an allow/deny list, enforce device encryption as well as provision it with any certs needed to access company resources. Every company I can think of has been doing this for years and it's trivial and essential under a Zero Trust model for security.

1
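
An added illustration, not part of any commenter's post: a sketch of the sign-in gate described in the comment above, showing why an allow list and a deny list give different answers for the same phone. The device records, package names and PIN threshold are constructed, and no real MDM or Conditional Access API is called.

```python
# Added illustration: device records, package names and thresholds are
# constructed, and no real MDM or Conditional Access API is called.
from dataclasses import dataclass, field

ALLOWLIST = {"com.example.mail", "com.example.chat", "com.example.docs"}
DENYLIST = {"com.example.shortvideo"}
MIN_PIN_LENGTH = 6

@dataclass
class Device:
    name: str
    work_profile: bool
    encrypted: bool
    pin_length: int
    apps: set = field(default_factory=set)

def posture_failures(dev):
    """Baseline checks applied before any corporate resource is reachable."""
    failures = []
    if not dev.work_profile:
        failures.append("work profile not enrolled")
    if not dev.encrypted:
        failures.append("storage not encrypted")
    if dev.pin_length < MIN_PIN_LENGTH:
        failures.append("screen lock PIN too short")
    return failures

def app_violations(dev, mode):
    """'allow' is default-deny: anything not approved fails.
    'deny' is default-allow: only apps named in advance fail."""
    if mode == "allow":
        return sorted(dev.apps - ALLOWLIST)
    if mode == "deny":
        return sorted(dev.apps & DENYLIST)
    raise ValueError(f"unknown mode: {mode}")

def evaluate(dev, mode):
    """Return (access_granted, reasons) for one sign-in attempt."""
    reasons = posture_failures(dev)
    reasons += [f"app not permitted: {a}" for a in app_violations(dev, mode)]
    return (not reasons, reasons)

FLEET = [
    Device("phone-a", True, True, 6, {"com.example.mail", "com.example.chat"}),
    Device("phone-b", True, True, 8, {"com.example.mail", "com.example.newgame"}),
    Device("phone-c", False, False, 4, {"com.example.shortvideo"}),
]

if __name__ == "__main__":
    for dev in FLEET:
        for mode in ("allow", "deny"):
            print(dev.name, mode, evaluate(dev, mode))
```

phone-b is the case to look at: it passes every posture check and carries an app nobody has listed yet, so it is admitted under the deny list and refused under the allow list.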

Culverin t1_jc2vbim wrote

Every time I see one of these articles pop up, I lose a little more faith in humanity.

WHY THE FUCK IS SOCIAL MEDIA ALLOWED ON A GOVERNMENT DEVICE IN THE FIRST PLACE?

Apps should be on a whitelist basis only.

Unless you're in a public-facing role specifically meant for marketing/communication, this shouldn't even be a thing. Any competent IT team would have these policies on lock before it was even an issue.

4

t0slink t1_jc3qqjg wrote

Using a blacklist as opposed to a whitelist is absurd.

Unsurprised that government cybersecurity is complete shit given that no government pays even a fifth of what tech pays for the same security role.

2

wunwinglo t1_jc3tt49 wrote

Well, often employers want to be able to reach employees at all hours of the day or night, especially those employees with specialized skills critical to production or operation. It’s a trade off. If you want to be able to call me at 3AM or at my son’s birthday party to get your power plant or oil refinery back up and running, then I’ll do whatever I like with your phone. Don’t like it? Then phone is powered down at 4PM and you can talk to me in the morning after you’ve lost 10 hours of production at $100k an hour.

1

Guigsy t1_jc4i8sb wrote

I've worked on IT helpdesks for 3 different government agencies/departments in recent times. And currently do. You can't install Twitter, Facebook, YouTube or pretty much anything unless you request it and it gets authorised and then pushed out to your device. You don't get access to either the Android or Apple stores to download apps.

So there must be more to this than the headline lets on.

5

Guigsy t1_jc4jvu8 wrote

I've worked IT helpdesks for years serving multiple different gov departments... They don't allow it. And you don't have access to install anything from the app store or the Apple store. If you want an app that isn't O365 stuff you have to request it be pushed to you. I've never seen Facebook, TikTok, YouTube or anything like that present on a device. And you can't visit the web based versions because they are blocked by browsing policies.

There must be more behind this headline than it initially reads. Something like changing wording on an outdated policy to define specifics or something like that. Unless they are singling out politicians who may be deemed too important to upset.

2

GetOutOfTheWhey t1_jc512rh wrote

The truth? It's really all just bring your own device in with these government officials.

And the actual government devices that are provided likely will have the things you just described. But the vast majority are BYOD and people are just being told to remove it.

Whether they do or not, is not possible to be checked because it is BYOD.

1

British_Monarchy t1_jc61055 wrote

I am pretty liberal when it comes to state involvement in my life. From CCTV to banning sugary drinks I want as much freedom to do what I want as possible as long as it doesn't infringe or harm someone else.

But using the "I'll do what I want" on national security is a big fucking leap that just screams either selfishness or ignorance.

1

Additional_Ad_2778 t1_jc621b7 wrote

There seem to be plenty of reports of people using personal devices for government related business. That might have a lot to do with it. Did your work cover MPs, ministers, consultants and similar positions?

1

icklejop t1_jc65hw1 wrote

More interested in any government having to use officially recorded media, whatever that may be, so it is open to scrutiny. You can bet your house that WhatsApp Meta can and are passing on data to the American intelligence services, which doesn't particularly concern me, but a lack of transparency for the British public is shocking.

1

landwomble t1_jc66wl7 wrote

Any corp that runs BYOD should be using Conditional Access / Intune or a 3rd party equivalent. You sign into mail/calendar etc and it enrolls your device, turns on and enforces strong PIN, encryption, remote wipe etc.

This is very much a Solved Problem.

1

WitheringAwayBro t1_jc69ydw wrote

Why the fuck are they using government devices for entertainment lmfao

1

Guigsy t1_jc6cqp8 wrote

I can't say which department/s it was/is. Security is incredibly tight. But it's not MI5 or anything like that :D A lot of civil servants mostly at the moment. But I've spoken to people you would put in that list. But not MPs or ministers. Although we were warned they might call if they wanted to. I guess they are too important and have too many assistants to deal with us directly :D

One of the locations I worked had an OG Enigma machine I walked past every day. Which was cool.

My security training lasted a week when I started. 3 strike rule enforced by security officers who would do occasional patrols around the place. Left PC unlocked, strike. Printed something and left it at the printer because it was a mistake and didn't shred it, strike. Left any documents on your desk at the end of the day not locked away, strike. 3rd strike was instant dismissal.

My security trainer told a story of when he went to his gym and overheard a guy talking to a friend about where he worked. (This was some time ago when people were not QUITE as conscious about security as they should have been.) He didn't mention what he did, mention the place by name or too many specifics. But he could tell from some of the bits he did say that he worked in the building. So he waited for him to leave, took a note of the registration number of his car. Then when he got into work looked up his reg number which was recorded when he comes in the gates and cross referenced it with his security pass. Took his name and went and found his desk. He said he sat down next to him, introduced himself and asked him how his session at the gym was. Which got a confused reaction. He didn't get a strike. But got given a stern warning to be more careful about exactly what he said in public places.

1

tr0nwave t1_jcfu3ot wrote

My comment Insta-banned on (r/worldnews) immediately (RE: TikTok banned on UK Gov phones): To not be spied on with a phone, you need Third Party Open Source Operating System on the device! You'd also need to have access and control over the Hardware Coding! The BIOS/equivalent can be the spying system. Does anyone understand how devices work anymore? There are layers of the device that can be compromised. The greatest spying apps are Apple iOS and Android OS, throw in Windows OS, Mac OS... There should have been a wave of Unix and Linux uptake when we all still stood a chance of avoiding a surveillance society.

YOUR DEVICE IS SPYING ON YOU 24/7, it's embedded in the root of the device/system!!!

P.s. Any crystal/antennae hardware in your device can be used to pick up sound and embed it in the WiFi signal itself. If you want to find sneaky, think sneaky.

Use Reddit to catch when a comment is shadow banned immediately that you might be into a very real truth. Post a good theory and see if they are being sponsored to block that idea. Check by using an incognito tab to check the same feed. I know it's 'Reddit' but it's excellent fishing, especially in Worldnews threads! Modded by Shills for the psychotic agenda engines of nightmare futures usually.

1